CWE:
 

Topic
Date
Author
Med.
A2 Solutions SQL Injection
28.05.2017
Sh4dow
Med.
WordPress Huge-IT Video Gallery 2.0.4 SQL Injection
28.05.2017
defensecode
Med.
Joomla VideoFlow 1.2.0 - SQL Injection
25.05.2017
Persian Hack Team
Med.
Joomla VideoFlow 1.2.0 SQL Injection
24.05.2017
Persian Hack Team
Med.
Joomla 3.7.0 Fields SQL Injection
20.05.2017
Mateus Lino
Med.
INFOR EAM 11.0 Build 201410 SQL Injection
16.05.2017
Yoroi
Med.
webone cms sql injection vulnerability
14.05.2017
Ashiyane Digital Secur...
Med.
Chloe SQL INJECTION VULNERABILITY
14.05.2017
Mohammad Babaee
Med.
Trashbilling.com / Trashflow 3.0 XSS / SQL Injection
14.05.2017
g00se
Med.
Elevel SQL INJECTION VULNERABILITY
12.05.2017
Mohammad Babaee
Med.
Webres Technologies SQL Injection
12.05.2017
Siber Güvenlik Akadem...
Med.
Online Hotel Booking System V2.0 - Blind SQL İnjection
09.05.2017
Siber Güvenlik Akadem...
Med.
Micro Solutions SQL Injection
09.05.2017
Siber Güvenlik Akadem...
Med.
webnetseo CMS Multiple Vulnerabilities
07.05.2017
Ashiyane Digital Secur...
Med.
9Xperts SQL Injection Vulnerability
07.05.2017
Zero Security Group
Med.
WP Hotel Booking System Plugin 1.2 - Boolean-Based Blind SQL İnjection
06.05.2017
Siber Güvenlik Akadem...
Med.
Pandoora 1.1 SQL Injection
05.05.2017
Locker IT TeaM
Med.
osCommerce TemplateMonster plugin Error-based SQL Injection
04.05.2017
Insecurity
Med.
MODX Revolution 2.5.6 SQL Injection
04.05.2017
Anti RA$?is
Med.
Adım Group Sql İnjection
03.05.2017
ALoNEmANTR
Med.
Joomla Component JGrid 4.44 - SQL Injection
01.05.2017
Persian Hack Team
Med.
Emby MediaServer 3.2.5 Boolean-based Blind SQL Injection Vulnerability
30.04.2017
Gjoko 'LiquidWorm' Krs...
Med.
Ofek Technologies Admin Login bypass
29.04.2017
magelang1337
Med.
TYPO3 News Module SQL Injection
27.04.2017
Charles FOL
Med.
WordPress Wow Forms 2.1 SQL Injection
27.04.2017
TAD GROUP
Med.
WordPress KittyCatfish 2.2 SQL Injection
27.04.2017
TAD GROUP
Med.
WordPress Wow Viral Signups 2.1 SQL Injection
27.04.2017
TAD GROUP
Med.
WordPress Car Rental System 2.5 SQL Injection
27.04.2017
TAD GROUP
Med.
Joomla MyPortfolio 3.0.2 SQL Injection
27.04.2017
Persian Hack Team
Med.
NetOffica Admin Login Bypass
24.04.2017
The Devil
Med.
Wordpress flash album gallery Plugins SQL Vulnerability.
23.04.2017
Ashiyane Digital Secur...
Med.
Wordpress newsletter Plugins SQL Vulnerability.
22.04.2017
Ashiyane Digital Secur...
Med.
Exponent CMS 2.4.1 SQL Injection
22.04.2017
404notfound
Med.
eBay Auction Premium Clone Script 6.42 SQL Injection
22.04.2017
Bilal KARDADOU
Med.
Oracle E-Business Suite 12.2.3 SQL Injection
21.04.2017
Dmitry Chastuhin
Med.
创梦网络信息管理系统 Admin Login Bypass
20.04.2017
3F-Team
Med.
My Qingfeng SQLI Injection Vulnerability
16.04.2017
Ashiyane Digital Secur...
Med.
Joomla com_phocadownload SQL Vulnerability
15.04.2017
Ashiyane Digital Secur...
Med.
Word Directory Script 2.1 Cross Site Scripting / SQL Injection
15.04.2017
Bilal KARDADOU
Med.
MATESO GmbH Password Safe And Repository 7.4.4 b2247 SQL Injection
12.04.2017
Matthias Deeg
Med.
Social Directory Script 2.0 SQL Injection
12.04.2017
Ihsan Sencan
Med.
Classified Portal Software 5.1 SQL Injection
12.04.2017
Ihsan Sencan
Med.
FAQ Script 3.1.3 SQL Injection
12.04.2017
Ihsan Sencan
Med.
Hermosoft CMS Admin Page ByPass
11.04.2017
xBADGIRL21
Med.
Jobscript4Web 4.5 SQL Injection
11.04.2017
TurkCyberArmy
Med.
Wordpress webplayer Plugins SQL Injection Vulnerability
10.04.2017
Ashiyane Digital Secur...
Med.
Wordpress salient Themes SQL Injection Vulnerability
09.04.2017
Ashiyane Digital Secur...
Med.
Moodle 2.x/3.x - SQL Injection
07.04.2017
Marko Belzetski
Med.
طراحی و تولید: " ایران سامانه High Security Level SQL Injection
07.04.2017
Mr.0&1
Low
Joomla Component JobGrok Listing 3.1-1.2.58 - SQL Injection
03.04.2017
Persian Hack Team
Med.
Joomla Component JobGrok Application 3.1-1.2.55 - SQL Injection
03.04.2017
Persian Hack Team
Med.
Techizas Infotech Admin login bypass
01.04.2017
magelang1337
Med.
Innovative Web Ideas SQL Injection
31.03.2017
Azerbaijan Cyber Army
Med.
Opensource Classified Ads Script - SQL Injection
30.03.2017
Ihsan Sencan
Med.
inoERP 0.6.1 CSRF / XSS / SQL Injection
28.03.2017
foxmole
Med.
Tour Package Booking 1.0 SQL Injection
28.03.2017
Ihsan Sencan
Med.
Delux Same Day Delivery Script 1.0 SQL Injection
28.03.2017
Ihsan Sencan
Med.
CouponPHP CMS 3.1 SQL Injection
28.03.2017
Ihsan Sencan
Med.
Just Another Video Script 1.4.3 SQL Injection
28.03.2017
Ihsan Sencan
Med.
Parcel Delivery Booking Script 1.0 SQL Injection
28.03.2017
Ihsan Sencan
Med.
Adult Tube Video Script SQL Injection
28.03.2017
Ihsan Sencan
Med.
Hotel Booking Script 1.0 SQL Injection
28.03.2017
Ihsan Sencan
Med.
B2B Marketplace Script 2.0 SQL Injection
28.03.2017
Ihsan Sencan
Med.
Courier Tracking Software 6.0 SQL Injection
28.03.2017
Ihsan Sencan
Med.
Alibaba Clone Script SQL Injection
28.03.2017
Ihsan Sencan
Med.
PHP Real Estate Property Script SQL Injection
28.03.2017
Ihsan Sencan
Med.
Professional Bus Booking Script SQL Injection
28.03.2017
Ihsan Sencan
Med.
EON 5.0 SQL Injection
24.03.2017
Nicolas SERRA
Med.
Gr8 Tutorial Script SQL Injection
24.03.2017
Ihsan Sencan
Med.
Gr8 Gallery Script SQL Injection
24.03.2017
Ihsan Sencan
Med.
Joomla FocalPoint 1.2.3 SQL Injection
24.03.2017
Persian Hack Team
Med.
Bonza Digital Cart Script 1 SQL Injection
24.03.2017
Bilal KARDADOU
Med.
Membership Site Script 1 SQL Injection
24.03.2017
Bilal KARDADOU
Med.
Joomla Component FocalPoint 1.2.3 - SQL Injection
23.03.2017
Persian Hack Team
Med.
Joomla Extra Search 2.2.8 SQL Injection
22.03.2017
Ihsan Sencan
Med.
GLink Word Link Script 1.2.3 SQL Injection
22.03.2017
Ihsan Sencan
Med.
Joomla JooCart 2.x SQL Injection
21.03.2017
Ihsan Sencan
Med.
Omegle Clone SQL Injection
20.03.2017
Ihsan Sencan
Med.
iFdate Social Dating Script 2.0 SQL Injection
20.03.2017
Ihsan Sencan
Med.
Joomla jCart For OpenCart 2.0 SQL Injection
20.03.2017
Ihsan Sencan
Med.
Secure Download Links SQL Injection
20.03.2017
Ihsan Sencan
Med.
phplist 3.2.6 SQL Injection
20.03.2017
Tim Coen
Med.
Steam Profile Integration 2.0.11 SQL Injection
18.03.2017
DrWhat
Med.
Joomla Vik Appointments 1.5 SQL Injection
16.03.2017
Ihsan Sencan
Med.
Joomla Vik Rent Car 1.11 SQL Injection
16.03.2017
Ihsan Sencan
Med.
Joomla Vik Rent Items 1.3 SQL Injection
16.03.2017
Ihsan Sencan
Med.
Joomla Advertisement Board 3.0.4 SQL Injection
15.03.2017
Ihsan Sencan
Med.
Joomla Simple Membership 3.3.3 SQL Injection
15.03.2017
Ihsan Sencan
Med.
Car Workshop System SQL Injection
14.03.2017
Ihsan Sencan
Med.
Joomla ALFContact 3.2.3 SQL Injection
14.03.2017
Persian Hack Team
Med.
Joomla com_kide Component 'view' Parameter Sql Injection Vulnerability
13.03.2017
Amir
Med.
Travel Tours Script 2.0 SQL Injection
13.03.2017
Ihsan Sencan
Med.
Property Listing Script 3.1 SQL Injection
13.03.2017
Ihsan Sencan
Med.
Pet Listing Script 3.0 SQL Injection
13.03.2017
Ihsan Sencan
Med.
Domain Marketplace Script SQL Injection
13.03.2017
Ihsan Sencan
Med.
Vanelo Wanelo Clone SQL Injection
13.03.2017
Ihsan Sencan
Med.
Yacht Listing Script 2.0 SQL Injection
13.03.2017
Ihsan Sencan
Med.
Mirage Fancy Clone SQL Injection
13.03.2017
Ihsan Sencan
Med.
PHP Forum Script 3.0 SQL Injection
13.03.2017
Ihsan Sencan
Med.
Yellow Pages Script 3.2 SQL Injection
13.03.2017
Ihsan Sencan


CVEMAP Search Results

CVE
Details
Description
2015-02-20
Medium
CVE-2015-1517

Vendor: Piwigo
Software: Piwigo
 

 
SQL injection vulnerability in Piwigo before 2.7.4, when all filters are activated, allows remote authenticated users to execute arbitrary SQL commands via the filter_level parameter in a "Refresh photo set" action in the batch_manager page to admin.php.

 
2015-02-17
Medium
CVE-2015-1616

Vendor: Mcafee
Software: Data loss pr...
 

 
SQL injection vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated ePO users to execute arbitrary SQL commands via unspecified vectors.

 
2015-02-16
Medium
CVE-2015-1434

Vendor: Mylittleforum
Software: My little forum
 

 
Multiple SQL injection vulnerabilities in my little forum before 2.3.4 allow remote administrators to execute arbitrary SQL commands via the (1) letter parameter in a user action or (2) edit_category parameter to index.php.

 
2015-02-12
Medium
CVE-2015-1471

Vendor: Pragyan cms project
Software: Pragyan cms
 

 
SQL injection vulnerability in userprofile.lib.php in Pragyan CMS 3.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to the default URI.

 
2015-02-11
Medium
CVE-2015-1576

Vendor: YUBA
Software: U5cms
 

 
Multiple SQL injection vulnerabilities in u5CMS before 3.9.4 allow remote attackers to execute arbitrary SQL commands via the name parameter to (1) copy2.php, (2) localize.php, (3) metai.php, (4) nc.php, (5) new2.php, or (6) rename2.php in u5admin/; (7) c parameter to u5admin/editor.php; (8) typ parameter to u5admin/meta2.php; or (9) newname parameter to u5admin/rename2.php.

 
2015-02-06
Medium
CVE-2015-1442

Vendor: AAS9
Software: Zerocms
 

 
SQL injection vulnerability in views/zero_transact_user.php in the administrative backend in ZeroCMS 1.3.3, 1.3.2, and earlier allows remote authenticated users to execute arbitrary SQL commands via the user_id parameter in a Modify Account action. NOTE: The article_id parameter to zero_view_article.php vector is already covered by CVE-2014-4034.

 
Medium
CVE-2015-1467

Vendor: Fork-cms
Software: Fork cms
 

 
Multiple SQL injection vulnerabilities in Translations in Fork CMS before 3.8.6 allow remote authenticated users to execute arbitrary SQL commands via the (1) language[] or (2) type[] parameter to private/en/locale/index.

 
Medium
CVE-2015-1513

Vendor: Siphon
Software: Siphone ente...
 

 
SQL injection vulnerability in SIPhone Enterprise PBX allows remote attackers to execute arbitrary SQL commands via the Username.

 
Medium
CVE-2015-1514

Vendor: Fancyfon
Software: Famoc
 

 
Multiple SQL injection vulnerabilities in FancyFon FAMOC before 3.17.4 allow (1) remote attackers to execute arbitrary SQL commands via the device ID REST parameter (PATH_INFO) to /ajax.php or (2) remote authenticated users to execute arbitrary SQL commands via the order parameter to index.php.

 
2015-02-04
Medium
CVE-2014-7864

Vendor: Zohocorp
Software: Manageengine...
 

 
Multiple SQL injection vulnerabilities in the FailOverHelperServlet (aka FailServlet) servlet in ZOHO ManageEngine OpManager 8 through 11.5 build 11400 and IT360 10.5 and earlier allow remote attackers and remote authenticated users to execute arbitrary SQL commands via the (1) customerName or (2) serverRole parameter in a standbyUpdateInCentral operation to servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet.

 

 


Copyright 2017, cxsecurity.com